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Microsoft warns of Windows zero-day; hackers serve exploits in 

PowerPoint files 

On Tuesday, Microsoft warned Windows users that hackers and cyber criminals were trying to 
exploit zero-day vulnerability by sending viruses in PowerPoint documents in email 
attachments. Microsoft had even identified the bug and provided a one-click fix for it, that the 
customers could use to protect their personal computers until a proper patch was available for 
protection. 

Even though Microsoft does not label its advisories in thesamemanner that it does its security 
updates. It said that a successful exploit would let hackers take control over the PC in order to 
steal information or other malware, or even plant information if necessary. This vulnerability 
will affect all versions of Windows starting from the aged Windows Server 2003, to the latest 
8.1 version of Windows. The vulnerability lies in the operating system's code, which handles the 
object linking and embedding (OLE). OLE is most commonly used for embedding data from one 
place to another (say, from an excel file to a word file). 

Currently, Microsoft is completely aware of the limited types of attacks that target to exploit 
the vulnerability through Microsoft PowerPoint. Ironically, Microsoft had gotten rid of a similar 
susceptibility in the latest eight security updates. One of them even addressed the bug in OLE, 
which like this one also had exploited the consumer's computers before the security patch was 
launched to deal with it. The researchers at iSight Partners said that the flaw fixed by MS14- 
060 had been used by the Russian hacker crew that targeted the Ukrainian government 
agencies, Western European government agencies, NATO and other companies in the energy 
and telecommunication sectors. 

Microsoft has still not explicitly promised that it will patch this issue, but it certainly has to. The 
question that stands is when it will do so. The next patch is scheduled to be released on 
November 11, i.e. three weeks from today. In the past, Microsoft has been resisting to issue 
security updates unless the attack is too harsh and widespread. Even currently it has only 
launched a fix to the problem instead of working on a protection. Microsoft, alike Xiaomi is also 
at a high vulnerability considering the risk of increased cyber crime. New and innovative 
methods of hacking are being used by internet mobs from Russia and China that tend to breach 
many gates of security of these large information technology giants, such that even the likes of 
Google, Microsoft and Apple feel vulnerable to their skills. 
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